Attachment 7715 Details for Bug 9052 – Replacement patch for master and 3.6.next with the removal of the sid_array_from_info3() paramter.

[patch] Replacement patch for master and 3.6.next with the removal of the sid_array_from_info3() paramter.

0001-s3-winbind-Fix-bug-9052-resolving-our-own-Domain-Loc.patch (text/plain), 3.70 KB, created by Jeremy Allison on 2012-07-21 00:14:38 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jeremy Allison

Created: 2012-07-21 00:14:38 UTC

Size: 3.70 KB

patch

obsolete

>From a03b21853692421e060b2c07062ba5cfdb075ff5 Mon Sep 17 00:00:00 2001
>From: Andreas Schneider <asn@samba.org>
>Date: Fri, 20 Jul 2012 17:12:09 -0700
>Subject: [PATCH] s3-winbind: Fix bug #9052 resolving our own "Domain Local"
> groups.
>
>We don't resolve our own "Domain Local" groups since bug #7843 has been
>fixed. So we need to add the add resource groups to the sid list too.
>
>Before bug #7843 the "Domain Local" groups were added with a
>lookupuseraliases call, but this isn't done anymore for our domain
>so we need to resolve resource groups here.
>
>When to use Resource Groups:
>http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx
>
>Signed-off-by: Jeremy Allison <jra@samba.org>
>---
> source3/include/proto.h          |    3 +--
> source3/lib/util_sid.c           |    9 +--------
> source3/winbindd/winbindd_pam.c  |    2 +-
> source3/winbindd/winbindd_util.c |   12 +++++++++---
> 4 files changed, 12 insertions(+), 14 deletions(-)
>
>diff --git a/source3/include/proto.h b/source3/include/proto.h
>index e22fc9c..720f431 100644
>--- a/source3/include/proto.h
>+++ b/source3/include/proto.h
>@@ -809,8 +809,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
> 			      const struct netr_SamInfo3 *info3,
> 			      struct dom_sid **user_sids,
> 			      uint32_t *num_user_sids,
>-			      bool include_user_group_rid,
>-			      bool skip_ressource_groups);
>+			      bool include_user_group_rid);
> 
> /* The following definitions come from lib/util_sock.c  */
> 
>diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c
>index f080d3d..f051b7a 100644
>--- a/source3/lib/util_sid.c
>+++ b/source3/lib/util_sid.c
>@@ -130,8 +130,7 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
> 			      const struct netr_SamInfo3 *info3,
> 			      struct dom_sid **user_sids,
> 			      uint32_t *num_user_sids,
>-			      bool include_user_group_rid,
>-			      bool skip_ressource_groups)
>+			      bool include_user_group_rid)
> {
> 	NTSTATUS status;
> 	struct dom_sid sid;
>@@ -191,12 +190,6 @@ NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx,
>          */
> 
> 	for (i = 0; i < info3->sidcount; i++) {
>-
>-		if (skip_ressource_groups &&
>-		    (info3->sids[i].attributes & SE_GROUP_RESOURCE)) {
>-			continue;
>-		}
>-
> 		status = add_sid_to_array(mem_ctx, info3->sids[i].sid,
> 				      &sid_array, &num_sids);
> 		if (!NT_STATUS_IS_OK(status)) {
>diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c
>index 4c078df..55069f6 100644
>--- a/source3/winbindd/winbindd_pam.c
>+++ b/source3/winbindd/winbindd_pam.c
>@@ -306,7 +306,7 @@ static NTSTATUS check_info3_in_group(struct netr_SamInfo3 *info3,
> 	status = sid_array_from_info3(talloc_tos(), info3,
> 				      &token->sids,
> 				      &token->num_sids,
>-				      true, false);
>+				      true);
> 	if (!NT_STATUS_IS_OK(status)) {
> 		TALLOC_FREE(frame);
> 		return status;
>diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
>index 63cb2d2..37b6578 100644
>--- a/source3/winbindd/winbindd_util.c
>+++ b/source3/winbindd/winbindd_util.c
>@@ -1033,12 +1033,18 @@ NTSTATUS lookup_usergroups_cached(struct winbindd_domain *domain,
> 		return NT_STATUS_UNSUCCESSFUL;
> 	}
> 
>-	/* Skip Domain local groups outside our domain.
>-	   We'll get these from the getsidaliases() RPC call. */
>+	/*
>+	 * Before bug #7843 the "Domain Local" groups were added with a
>+	 * lookupuseraliases call, but this isn't done anymore for our domain
>+	 * so we need to resolve resource groups here.
>+	 *
>+	 * When to use Resource Groups:
>+	 * http://technet.microsoft.com/en-us/library/cc753670%28v=WS.10%29.aspx
>+	 */
> 	status = sid_array_from_info3(mem_ctx, info3,
> 				      user_sids,
> 				      &num_groups,
>-				      false, true);
>+				      false);
> 
> 	if (!NT_STATUS_IS_OK(status)) {
> 		TALLOC_FREE(info3);
>-- 
>1.7.7.3
>

Flags:

asn: review+

Actions: View

Attachments on bug 9052: 7711 | 7715